i am presenting here, what are all i am reading and what are all experiences which I got. i am just sharing here.
வணக்கம்....நான் விவேக்.. இங்கு எனக்கு கிடைத்த தகவலும் .. என்னை கவர்ந்த செய்திகளும் உங்களுக்கு தருகின்றேன் ...

Callback units are a good security device, But with most phone systems,it is quite possible for the hacker to use the following steps to getaround a callback unit that uses the same phone line for both incommingand out going calls:First, he calls he callback unit and enters anyauthorized ID code (this is not hard to get,as you'll see in a moment).After he enters this ID, the hacker holds the phone line open - he doesnot hang up. When the callback unit picks up the phone to call the user back,the hacker is there, waiting to meet it.

The ID code as I said, is simple for a hacker to obtain, because thesecodes are not meant to be security precautions.The callback unit itselfprovides security by keeping incomming calls from reaching the computer.The ID codes are no more private than most telephone numbers. Some callbackunits refer to the codes as "location identification numbers," and somelocations are used by several different people,so their IDs are fairlywell known.I've been told that, in some cases,callback ubits also havecertain simple codes that are always defined by default. Once the hackerhas entered an ID code and the callback unit has picked up the phone tore-call him,the hacker may or may not decide to provide a dial tone toallow the unit to "think" it is calling the correct number. In any event,the hacker will then turn on his computer, connect with the system - andaway he goes.If the however, the hacker has trouble holding the line withmethod,he has an option: the intercept.

The Intercept: Holding the line will only work with callback units that use the samephone lines to call in and to call out.Some callback units use differentincoming and outgoing lines, numbers 555-3820 through 555-3830 are dedicatedto users' incoming calls, and lines 555-2020 through 555-2030 are dedicatedto the computers outgoing calls.The only thing a hacker needs in order toget through to these systems is a computer and a little time - he doesn'teven need an ID code. First,the hacker calls any one of the outgoing phonelines, which, of course, will not answer.Sooner or later, though, while thehacker has his computer waiting there, listening to the ring, an authorizeduser will call one of the incomming lines and request to be called back.It will usually be less than an hours wait, but the hacker's computeris perfectly capable of waiting for days, if need be.

The callback unit will take the code of the authorized user, hang up,verify the code, and pick up the phone line to call back.If the unittries to call out on the line the hacker has dialed, the hacker has hiscomputer play a tone that sounds just like a dial tone.The computer willthen dial the number given that matches up with the user's authorized ID.After that,the hacker can just connect his computer as he would in anyother case.If he is really serious,he will even decode the touch tonesthat the mainframe dialed,figure out the phone number of the user thesystem was calling, call the person, and make a few strange noises thatsound as though the computer called back but didnt work for some reason.

2) TRAPDOORS AS A POSSIBLILITY

I haven't heard of this happening, but i think it is possible that acallback modem could have a trapdoor built into it.Callback modems arerun by software, which is written by programmers.An unscrupulous programmercould find it very easy to slip in an unpublicized routine, such as,"if code =*43*, then show all valid codes and phone numbers." And such aroutine, of course, would leave security wide open to anyone who found thetrapdoor.The obvious protection here, assuming the situation ever arises,is simply an ethical manufactorer that checks its software thoroughly beforereleasing it.

A trapdoor is a set of special instructions embedded in the largeprogram that is the operating system of a computer.A permanent,hopefully secret "doorway", these special instructions enabe anyone whoknows about them to bypass normal security procedures and to gain access tothe computer's files.Although they may sound sinister, trapdoors were notinvented by hackers, although existing ones are certainly used by hackerswho find out about them.

3) THE DECOY

One of the more sophisticated hacking tools is known as the decoy, and itcomes in three versions.The first version requires that the hacker have anaccount on the system in question. As in my case,the hacker has alow-security account,and he tries this method to get higher-securityaccount.He will first use his low-security account to write a program thatwill emulate the log-on procedures of the systems in questions.This program will do the following:

*- Clear the terminal screen and place text on it that makes everythinglook as if the system is in charge.

*- Prompt for, and allow the user to enter, both an account name and a password.*- Save that information in a place the hacker can access.

*- Tell the use the account/password entries are not acceptable.

*- turn control of the terminal back over to the system.

The user will now assume that the account name or password was mistypedand will try again...this time (scince the real operating system is incontrol) with more success.You can see a diagram of the way these steps areaccomplished

__________________ LOG OFF/RETURN CONTROL TO OPERATING SYSTEM ____________________

4) CALL FORWARDING

Many people use call forwarding by special arrangement with the phonecompany.When a customer requests call forwarding, the phone company usesits computer to forward all the customers incomeing calls to anothernumber. Lets say, for example, that you want calls that come to your officephone to be forwarded to your home phone: A call from you to the phonecompany,some special settings in the phone companys computer, and allcalls to your office will ring at your home instead.This little bit of helpfrom the phone company is another tool used by hackers. Lets say you thoughtthat the computer you were hacking into was being watched-because thesysop might have seen you and called the fed's and your sort of bugged bythis nagging feeling that they will trace the next hacker that calls,just call the phone company and ask for call forwarding, pick a number,(ANY NUMBER) out of the phone book and have your calls forwarded to thatnumber,Hea,Hea, the number you picked is the one that will be traced to,not yours, so you could be hacking away,they think that they have traced you,but actually the number you had your calls forwarded too. they enter chat modeand say (YOUR BUSTED!!!!, WE'VE TRACED YOUR PHONE NUMER THE FEDS ARE ON THEWAY!!), You could reply (Hea, SURE YA DID! I'D LIKE TO SEE YA TRY AND GET ME!GO AHEAD!) ,that wont seem very important to them at the time, but it willsure piss them off when they bust the wrong guy!

5) RAPID FIRE

Memory-location manipulation can be helpful, but there is another, morepowerful,possibility, in some cases: the Rapid-fire method.To understand howthis methos works, you have to know something about the way operationgsystems work.When a user enters a command, the operating system first placesthe command in a holding area, a buffer, where it will sit for a fewmillionths of a second.The system looks at the command and say's "Does thisperson really have authorization to do this, or not?" Then, the commandsits there a few thousandths of a second while the system runs off tocheck the user's authorization.When the system comes back to the command,it will have one of two possible answers: "OK, GO AHEAD," or "SORRY,GET PERMISSION FIRST."

Once you are on a system that handles things this way, you canDisclaimer:-i am not liable for any criminal or bad thing which you have done using this message and document. i am giving here for the educational purpose and care should be taken from your side before using this document and please get a written permission from the person before hacking or doing some thing in the network or system.This document is intended for judicial or educational purposes. I have collected these documents and messages from the internet for educational purpose only. always use these documents for doing good only. I don't want to promote computer crime and I'm not responible of your actions in any way. If you want to hack a computer, do the decent thing and ask for permission first. please read and use this for useful purpose only to protect the systems and information from the bad people. always seek permission from the system owner or who ever responcible for the system by written and then go ahead. Give a full report with honestly to the person or company about your experiments and findings from the system. Always Do Good Think Good and Belive Good.